Lucene search

[email protected]CVE-2012-1938

HistoryJun 05, 2012 - 11:55 p.m.

CVE-2012-1938

2012-06-0523:55:01

[email protected]

web.nvd.nist.gov

cve-2012-1938

mozilla firefox

thunderbird

seamonkey

denial of service

memory corruption

application crash

arbitrary code

nvd

vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.9 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.1%

JSON

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.

Affected configurations

NVD

Node

mozillafirefoxRange<13.0

mozillaseamonkeyRange<2.10

mozillathunderbirdRange<13.0

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.1

suselinux_enterprise_desktopMatch10sp4

suselinux_enterprise_desktopMatch11sp1

suselinux_enterprise_serverMatch10sp4

suselinux_enterprise_serverMatch11sp1

suselinux_enterprise_serverMatch11sp1vmware

suselinux_enterprise_software_development_kitMatch10sp4

suselinux_enterprise_software_development_kitMatch11sp1

Node

redhatstorageMatch2.0

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_eusMatch6.2

redhatenterprise_linux_serverMatch5.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_server_ausMatch6.2

redhatenterprise_linux_workstationMatch5.0

redhatenterprise_linux_workstationMatch6.0

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxlt13.0
mozilla:seamonkeymozilla seamonkeylt2.10
mozilla:thunderbirdmozilla thunderbirdlt13.0

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	lt	13.0
mozilla:seamonkey	mozilla seamonkey	lt	2.10
mozilla:thunderbird	mozilla thunderbird	lt	13.0

References

lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html

lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html

rhn.redhat.com/errata/RHSA-2012-0710.html

rhn.redhat.com/errata/RHSA-2012-0715.html

www.mandriva.com/security/advisories?name=MDVSA-2012:088

www.mozilla.org/security/announce/2012/mfsa2012-34.html

www.securityfocus.com/bid/53796

bugzilla.mozilla.org/show_bug.cgi?id=670317

bugzilla.mozilla.org/show_bug.cgi?id=699594

bugzilla.mozilla.org/show_bug.cgi?id=708688

bugzilla.mozilla.org/show_bug.cgi?id=716067

bugzilla.mozilla.org/show_bug.cgi?id=718852

bugzilla.mozilla.org/show_bug.cgi?id=723773

bugzilla.mozilla.org/show_bug.cgi?id=723971

bugzilla.mozilla.org/show_bug.cgi?id=730415

bugzilla.mozilla.org/show_bug.cgi?id=736012

bugzilla.mozilla.org/show_bug.cgi?id=748948

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17058

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.9 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.1%

JSON

Related for CVE-2012-1938

nvd1 ubuntucve1 veracode7 prion1 cvelist1 openvas38 mozilla1 nessus25 suse3 ubuntu4 oraclelinux2 freebsd1 redhat2 centos2 securityvulns1 gentoo1